White Paper
Contents
Executive summary
Introduction
Living up to expectations for multiplay services
Subscriber management and provisioning
Securing multiplay services
Implementing scalable network topologies
Conclusion
Executive summary
Modern-day broadband networks
deliver multiplay video, voice, music,
gaming, and other services. Some are
already interactive; many are
converging further. But all are pushing
networks' availability and real-time
capabilities to their limits. This has
service providers struggling to strike a
balance among their biggest business
concerns - capacity, scalability,
customer satisfaction, and cost.
The Nokia Siemens Networks ResIP
Center addresses these bottom-line
realities by combining best-of-breed
products, both homegrown and
sourced from partners, to engineer
solutions that ensure interoperability,
Introduction
In today's broadband market, service
providers differentiate their brands by
offering compelling packages aimed to
grow market share, revenue, and
margins. These multiplay services
encompass:
Voice over IP (VoIP) with full public network interconnectivity
IPTV and premium entertainment services (Pay TV)
Data for Internet access, quality assurance, and virtual private network (VPN) services
Interactive gaming
Video conferencing
With Digital Subscriber Line (DSL)
setups migrating to aggregation based
on Multiprotocol Label Switching
(MPLS) and Virtual Private LAN
Services (VPLS) to support higher bit
rates and richer services, architectural
issues are becoming a prime concern:
Where should critical subscriber
management features, policy
enforcement points, and IP routing
intelligence reside?
Experts in the ResIP Center have
developed, validated, optimized, and
certified IP solutions to help service
providers make the right decisions.
Tests at the ResIP Center have
confirmed that:
Given the right quality of service
(QoS) architecture, high-priority
video and premium data traffic flows
smoothly despite congestion. And
with the benefit of hierarchical
scheduling, bandwidth may be
prioritized among one subscriber's
Network provisioning
The design principle for ResIP
multiplay access and edge domains is
deceptively simple: Commission the
network once and for all so that
adding new subscribers and launching
new services require the fewest elements
to be reconfigured.
The DSLAM (DSL Access Multiplexer)
can be provisioned in bulk to switch the
incoming DSL line or VC (virtual circuit)
and traffic to a C-VLAN. The DSLAM,
or aggregation switch, can also add an
outer tag (S-VLAN) to make the
aggregation network more scalable.
The carrier-grade Ethernet aggregation
network uses VPLS instances,
allocated per DSLAM. Configured upon
deployment, they need not be changed
later.
The BNG (Border Network Gateway)
automatically detects new customer
VLANs and user sessions. This is all it
takes to connect new customers once
the DSLAM and DSL modem are in
place.
Subscriber auto-detection
The BNG router senses C-VLANs,
S-VLANs (Service VLAN), and Point-to-Point Protocol over Ethernet
(PPPoE) and Dynamic Host
Configuration Protocol (DHCP) /
Service provisioning
Auto-detection plus auto-configuration
equals zero-touch provisioning. Verified
for Ethernet aggregation networks,
these carrier-grade zero-touch and
bulk provisioning capabilities make the
ResIP-certified multiplay concept
special. They auto-detect the
encapsulation protocol (DHCP/IPoE)
on an Ethernet VLAN, and then
authenticate the session via RADIUS.
Option 82 and the DSL line identifier or
the physical device's MAC address can
be forwarded to the RADIUS server for
DHCP authentication. This means the
same PPP (Point-To-Point Protocol)
subscriber management capability can
cover DHCP subscriber access. These
automated mechanisms:
Create the C-VLAN and an IP interface for the session
Sense new sessions (PPP or DHCP/IPoE)
Assign the service profile via the BNG or RADIUS
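An added example (not code from the white paper or from Nokia Siemens Networks) of the step described above: parsing DHCP option 82 so the line identifier and MAC address can be passed to RADIUS. The `trusted_relay` flag, the output key names and the sample values are assumptions; the flag reflects that option 82 is only a usable identity when the DSLAM, not the subscriber side, inserted it.

```python
# DHCP option 82 (Relay Agent Information, RFC 3046) and its sub-options.
OPT_RELAY_INFO, SUB_CIRCUIT_ID, SUB_REMOTE_ID = 82, 1, 2

def tlv(raw, dhcp=False):
    """Parse code/length/value triples; dhcp=True honours Pad (0) and End (255)."""
    out, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if dhcp and code == 255:
            break
        if dhcp and code == 0:
            i += 1
            continue
        if i + 2 > len(raw) or i + 2 + raw[i + 1] > len(raw):
            raise ValueError("truncated TLV at offset %d" % i)
        out[code] = raw[i + 2:i + 2 + raw[i + 1]]
        i += 2 + raw[i + 1]
    return out

def line_identity(options, chaddr, trusted_relay):
    """Return the fields to send to RADIUS, or None if the request is dropped.

    trusted_relay is a hypothetical flag: True only when the packet arrived
    from the DSLAM that inserts option 82, never from the subscriber side.
    """
    opts = tlv(options, dhcp=True)
    if OPT_RELAY_INFO not in opts or not trusted_relay:
        return None      # no line identifier, or one the subscriber could forge
    sub = tlv(opts[OPT_RELAY_INFO])
    if not sub.get(SUB_CIRCUIT_ID):
        return None      # circuit ID is assumed to carry the DSL line identifier
    return {             # key names are illustrative, not RADIUS attribute names
        "circuit_id": sub[SUB_CIRCUIT_ID].decode("ascii", "replace"),
        "remote_id": sub.get(SUB_REMOTE_ID, b"").decode("ascii", "replace"),
        "mac": ":".join("%02x" % b for b in chaddr),
    }

def opt(code, value):
    """Encode one option or sub-option."""
    return bytes([code, len(value)]) + value

# Constructed sample: DHCPDISCOVER options with option 82 added by the DSLAM.
SAMPLE = (opt(53, b"\x01")
          + opt(82, opt(1, b"dslam-a eth 1/3:101") + opt(2, b"line-0042"))
          + b"\xff")
SAMPLE_MAC = bytes.fromhex("02005e000001")
```
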
Access
High-bandwidth applications can easily
clog the access network. It takes
superior traffic management to
guarantee true QoS and cost-effective
provisioning. The access network must
run at peak rates while ensuring bursty
applications do not adversely affect the
quality of delay-sensitive premium
services.
All nodes in Nokia Siemens Networks
access and aggregation architectures
support traffic prioritized by multi-field
classification, policing and shaping,
and bandwidth as specified by the
user-defined service level agreement
(SLA).
Traffic may be classed and mapped to
prioritized groups according to the
ingress port, the VLAN tag, Ethernet
priority, the IP Type of Service (TOS)
and Differentiated Services Code Point
(DSCP) field, and the target IP
address.
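An added example (not from the white paper) of multi-field classification over the fields just listed, parsing a double-tagged Ethernet frame. The class names, the rule order and the voice S-VLAN number are assumptions; the voice rule combines DSCP with the S-VLAN so that a marking set on another VLAN does not earn priority by itself.

```python
import ipaddress
import struct

TPIDS = (0x88A8, 0x8100)       # S-VLAN and C-VLAN tag EtherTypes
VOICE_SVLAN = 200              # constructed value for the example

def match_fields(ingress_port, frame):
    """Extract the classification fields from a raw Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("short Ethernet frame")
    off, vlans, pcp = 12, [], None
    (etype,) = struct.unpack_from("!H", frame, off)
    while etype in TPIDS:
        if len(frame) < off + 6:
            raise ValueError("truncated VLAN tag")
        tci, etype = struct.unpack_from("!HH", frame, off + 2)
        vlans.append(tci & 0x0FFF)
        pcp = tci >> 13 if pcp is None else pcp   # priority of the outer tag
        off += 4
    f = {"port": ingress_port, "vlans": tuple(vlans), "pcp": pcp,
         "dscp": None, "dst": None}
    ip = frame[off + 2:]
    if etype == 0x0800 and len(ip) >= 20:
        f["dscp"] = ip[1] >> 2                    # upper six bits of the TOS byte
        f["dst"] = ipaddress.ip_address(ip[16:20])
    return f

# Constructed policy, first match wins.
RULES = [
    ("voice", lambda f: f["dscp"] == 46 and f["vlans"][:1] == (VOICE_SVLAN,)),
    ("video", lambda f: f["dst"] is not None and f["dst"].is_multicast),
    ("premium-data", lambda f: f["pcp"] is not None and f["pcp"] >= 3),
]

def classify(ingress_port, frame):
    f = match_fields(ingress_port, frame)
    return next((name for name, hit in RULES if hit(f)), "best-effort")

def sample_frame(s_vlan, c_vlan, pcp, dscp, dst):
    """Build a constructed double-tagged IPv4 frame for the demonstration."""
    eth = bytes(12) + struct.pack("!HHHHH", 0x88A8, (pcp << 13) | s_vlan,
                                  0x8100, c_vlan, 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 20, 0, 0, 64, 17, 0,
                     bytes(4), ipaddress.ip_address(dst).packed)
    return eth + ip
```
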
IP edge
Functions at the edge support IP
services by authenticating users and
distributing videos and broadcast TV.
There are two basic IP edge designs:
In a single edge, the same IP edge
router delivers all services within the
same user session. Services are
scheduled hierarchically, with the
appropriate QoS being assigned to
each. A single edge is usually paired
with a C-VLAN in the access
network. Delivering all services from
one point in the network has its
benefits: Service-based accounting
and policy enforcement are much
easier to implement.
In a multiple edge, different edge
routers deliver different services, for
example, one device provides
Internet access and the other IPTV.
A multiple edge is paired with
S-VLANs in the access networks.
This requires less complex and
costly edge devices, and makes
topologies more flexible. Bandwidth-hungry applications may be ported
to the access network to offload
traffic from the core.
Nokia Siemens Networks put both
designs through a battery of tests and
developed rigorous engineering rules
and design guidelines for each.
IP core
Core routers offer a rich feature set
that supports differentiated service
classes for IP and MPLS traffic.
Applying a set of primitives to different
protocols, they use traffic policing, drop
priorities, queuing, and scheduling
mechanisms to achieve the
appropriate QoS. The traffic type rather
than the subscriber determines
priorities in the IP core. Multiplay
requires this differentiation so that each
traffic type is mapped to the scheduling
and QoS mechanisms required to
meet the various services' QoS needs.
Preventing spoofing
Validating all incoming packets' source
addresses improves network security.
Validation tools for all active clients
prevent malicious attackers from
forging source addresses. This is done
by inserting a Layer 2 plane between
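An added example (not from the white paper) of source address validation for active clients, assuming it is done against a binding recorded when each session is authenticated. Keying the table by access line (S-VLAN, C-VLAN), the verdict names and the sample traffic are assumptions made for the illustration.

```python
import ipaddress

class BindingTable:
    """Bindings learned when a PPPoE or DHCP session is authenticated.

    Keyed by access line (S-VLAN, C-VLAN); this keying is an assumption
    made for the example, not the mechanism of any specific product.
    """
    def __init__(self):
        self._rows = {}

    def learn(self, line, mac, ip, lease_s, now):
        self._rows[line] = (mac.lower(), ipaddress.ip_address(ip), now + lease_s)

    def release(self, line):
        self._rows.pop(line, None)

    def check(self, line, src_mac, src_ip, now):
        """Return 'ok' or the reason the packet is dropped."""
        row = self._rows.get(line)
        if row is None:
            return "no-session"
        mac, ip, expires = row
        if now >= expires:
            del self._rows[line]          # stale binding must not keep validating
            return "lease-expired"
        if src_mac.lower() != mac:
            return "mac-mismatch"
        if ipaddress.ip_address(src_ip) != ip:
            return "ip-mismatch"
        return "ok"

def audit(table, packets):
    """Count verdicts for (time, line, src_mac, src_ip) tuples."""
    counts = {}
    for now, line, mac, ip in packets:
        verdict = table.check(line, mac, ip, now)
        counts[verdict] = counts.get(verdict, 0) + 1
    return counts

def demo():
    t = BindingTable()
    t.learn((200, 101), "02:00:5E:00:00:01", "198.51.100.7", lease_s=3600, now=0)
    packets = [   # constructed traffic
        (10, (200, 101), "02:00:5e:00:00:01", "198.51.100.7"),    # legitimate
        (11, (200, 101), "02:00:5e:00:00:01", "203.0.113.9"),     # forged source IP
        (12, (200, 102), "02:00:5e:00:00:02", "198.51.100.7"),    # line with no session
        (3700, (200, 101), "02:00:5e:00:00:01", "198.51.100.7"),  # after lease expiry
    ]
    return audit(t, packets)
```
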
CPE simplicity
C-VLANs make it easy to migrate
access networks and multiplay
services from ATM to Ethernet without
affecting the subscriber's DSL modem.
Mapping the C-VLAN and the
customer-provisioned VCs' connectivity
from the DSLAM down to the home
gateway or customer premises
equipment (CPE) is simple. Many
service providers have used a single
VC model for Internet broadband
access.
Handling routes
The key to building a scalable network
is to keep the IGP small. The Border
Gateway Protocol (BGP) carries many
prefixes around the ISP backbone so
that some engineers see the iBGP
(internal BGP) as their network's
interior routing protocol.
The IGP typically carries backbone point-to-point links and router loopback interface addresses.
The iBGP carries customer-assigned address blocks, access network address pools, any other prefixes that need not be carried in the IGP, and some or all of the Internet Route Table.
The eBGP (external BGP) carries prefixes between ISPs and implements routing policy between ISPs.
This is a very different model from
those used in the Internet's infancy,
where the IGP carried all prefixes in
the ISP's backbone, and the BGP
merely exchanged prefixes between
autonomous systems.
In contrast to IGPs, an iBGP offers
great scalability courtesy of route
reflectors and confederations. This
Industrial-strength BGP implementation
The learning curve for implementing
the BGP4 protocol is steep. A carrier-grade BGP4 implementation requires
support for scores of features and
extensions. ResIP-certified multiplay
solutions rely heavily on a robust BGP
implementation because the iBGP and
eBGP transport all IP reachability
information.
MPLS prioritization
IGP/BGP traffic generally has priority
over LSP traffic. All traffic must be
mapped correctly into queues so that
the router's scheduler can prioritize it.
Each packet's EXP bits must be set
accordingly for traffic transported via
LSPs.
Conclusion
Next-generation multiplay services
raise the bar for network performance.
Conventional architecture falls short of
providing the necessary bandwidth and
availability, not to mention reducing
packet loss and cost. This is why Nokia
Siemens Networks teamed up with the
leading IP vendors Cisco and Juniper
to develop a multiplay concept that:
Limits deployment risks
Enhances QoS
Provides a scalable platform for growth and change
www.nokiasiemensnetworks.com